<?php

/**
 * MVM_MALL 网上商店系统  找回密码
 * ============================================================================
 * 版权所有 (C) 2007-2010 www.mvmmall.com，并保留所有权利。
 * 网站地址: http://www.mvmmall.com
 * ----------------------------------------------------------------------------
 * 这是一个免费开源的软件；这意味着您可以在不用于商业目的的前提下对程序代码
 * 进行修改、使用和再发布。
 * ============================================================================
 * $Author:  www.mvmmall.com  $
 * $Date: 2008-06-12 $
 * $Id: lostpass.php  www.mvmmall.com$
 * ---------------------------------------------
*/

require_once './include/common.inc.php';
if($action=='lostpasswd'){
	if($setp==1 && $_POST){
		empty($login_id)   &&  show_msg('intput_member');
		empty($loss_email) &&  show_msg('member_loss_email');
		$login_id   = dhtmlchars($login_id);
		$loss_email = dhtmlchars($loss_email);
		$list = $db->get_one("SELECT member_id, member_email,member_name FROM `{$tablepre}member_table` WHERE member_id = '$login_id' AND member_email = '$loss_email'");
		if($list[member_id]==$login_id &&  $list[member_email]==$loss_email){
			//写入记录
			$rnd =md5("!@#$%&^*jkfeifoe".mt_rand(1000,9990));
			$row = array(
			'user_id'         => $list[member_id],
			'lost_str'        => $rnd,
			'lost_time'       => $m_now_time,
			);
			$db->insert("{$tablepre}lostpass",$row);
			/**发送邮件**/
			$chang_url     = MVMMALL_DIR."/lostpass.php?action=changpasswd&login_id=$list[member_id]&str=$rnd";
			$mail_content  = "$list[member_name]: $lang[sitemap_loss]<br>";
			$mail_content .= "$lang[user_id] :  $list[member_id]<br>";
			$mail_content .= "password >>>：<a href=\"$chang_url\" target=\"_blank\">$chang_url</a><br>";
			smtp_mail($list['member_email'],$lang['sitemap_loss'],$mail_content,html);
			show_msg('loss_sned_email','./');
			/**end**/

		}else {
			show_msg('member_loss_id');
		}
	}else {
		require_once MVMMALL_ROOT.'header.php';
		$navigation = make_navigation($lang['sitemap_loss'],GetBaseUrl('lostpasss','lostpasswd'));//导航
		require_once template('lostpasswd');
		footer();
	}
} elseif ($action=='changpasswd'){
	$login_id = dhtmlchars($login_id);
	$str      = trim(dhtmlchars($str));
	$loss_log = $db->get_one("SELECT * FROM `{$tablepre}lostpass` WHERE user_id='$login_id' And lost_str='$str' LIMIT 1");
	if($str!=$loss_log['lost_str'] || $login_id !=$loss_log['user_id']){
		show_msg('pass_worng');
	}
	if(($now_time-$loss_log['lost_time'])>3) {
		//删除取回密码表
		$db->query("DELETE FROM `{$tablepre}lostpass` WHERE user_id='$login_id'");
		show_msg('loss_time_err');
	}
	if($setp==1 && $_POST){
		$new_pass = md5(trim(dhtmlchars($new_pass)));
		$db->query("UPDATE `{$tablepre}member_table` SET member_pass= '$new_pass' WHERE member_id = '$login_id'");
		$db->query("DELETE FROM `{$tablepre}lostpass` WHERE user_id='$login_id'");
		show_msg('member_modify_ok',GetBaseUrl('logging','login'));
	}else {
		$mm_mall_title = $login_id.$lang['update_loss'];
		$navigation = make_navigation($lang['update_loss'],"lostpass.php?action=changpasswd&loss_id=$loss_id&str=$str");//导航
		require_once MVMMALL_ROOT.'header.php';
		require_once template('lostpasswd');
		footer();
	}
}else {
	show_msg('pass_worng');
}


